Hacker News new | past | comments | ask | show | jobs | submit login

I think it reflects worse on the companies getting hacked than the need to fight hackers. Of course there will be hackers, but how many people now don't trust Sony or Citi?



that is very true, but the media seems to spin it purely against the big bad hackers. Trust me, I love that these companies are finally getting a reality check! I mean the Citi hack was URL modification. please thats like figuring out if theres http://something.com/2.jpg there is probably also 1.jpg and 3.jpg


Does anyone know what stack Citi was using?


Probably something very large, very expensive, and very custom. I would think something like a custom contract-deal IBM solution.

Here is the whatweb output: ./whatweb https://online.citibank.com https://online.citibank.com [200] X-UA-Compatible[IE=EmulateIE7, IE=EmulateIE7], UncommonHeaders[jid], Cookies[JFPWebAppInfo,JSESSIONID], Title[Citibank Online], Country[UNITED STATES][US]

Looks like something Java-based. It's fun that sometimes software gets so large that they miss a gaping security hole like this.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: